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AMENDMENTS TO THE CLAIMS: 

1 . (Original) A method for managing a local Terminal Equipment (TE) accessing 
a network, wherein a management list containing an identity of the local TE is configured 
in a Mobile Terminal (MT) and a user identity card is inserted in the MT, the method 
comprising the steps of: 

after receiving an authentication request identity message containing the identity of 
and from the local TE, the MT deciding according to the information of the TE identity in 
the management list whether to accept the request; 

if a decision is made to accept the request, the MT acquiring an identity of the user 
identity card and returning the identity to the TE, the TE accessing the network using this 
identity, and the procedure is over; otherwise, refusing to return the identity of the user 
identity card to the TE, and terminating the procedure. 

2. (Original) The method according to Claim 1, wherein said management list 
containing the identity of the local TE comprises a management list of TEs allowed to 
access; and wherein the deciding method comprises: 

the MT deciding whether the identity in the received request message exists in the 
management list of TEs allowed to access; 

if the identity exists in the management list, the MT acquiring the identity of the user 
identity card and returning the identity to the TE, the TE accessing the network using this 
identity, and the procedure is over; otherwise refusing to return the identity of the user 
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identity card to the TE and terminating the procedure, or determining according to a policy 
of the user whether to return the identity of the user identity card to the TE. 

3. (Original) The method according to Claim 1, wherein said management list 
containing the identity of the local TE comprises a management list of TEs forbidden to 
access; and wherein the deciding method comprises: 

the MT deciding whether the identity in the received request message exists in the 
management list of TEs forbidden to access; 

if the identity exists in the management list, refusing to return the identity of the user 
identity card to the TE and terminating the procedure, otherwise, determining according to 
a policy of the user whether to return the identity of the user identity card to the TE. 

4. (Original) The method according to Claim 1, wherein said management list 
containing the identity of the local TE comprises a management list of TEs allowed to 
access and a management list of TEs forbidden to access; and wherein the deciding 
method comprises: 

the MT deciding whether the identity in the received request message exists in the 
list of TEs allowed to access; if the identity exists in the management list of TEs allowed 
to access, the MT acquiring the identity of the user identity card and returning the identity 
to the TE, the TE accessing the network using this identity, and the procedure is over; if 
the identity does not exist in the management list of TEs allowed to access, the MT 
deciding whether the identity in the received request message exists in the list of TEs 
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forbidden to access, if the identity exists in the management list of TEs forbidden to 
access, refusing to return the identity of the user identity card to the TE, and terminating 
the procedure; otherwise, refusing to return the identity of the user identity card to the TE, 
or determining whether to return the identity information of the user identity card to the TE 
according to a policy of the user. 

5. (Currently Amended) The method according to Claim 2 or C l aim 4 , wherein 
the authentication request identity message comprises information of the authority 
identifier of the service to be requested, the method further comprising the steps of: 

setting in the management list of TEs allowed to access authority information for TE 
to access the network; 

after deciding according to the information of TE identity in the management list to 
accept the authentication identity request, the MT deciding whether the information of 
service authority identifier in the received request message is consistent with the authority 
information of the TE in the management list; 

if the information of service authority identifier in the authentication request identity 
message is consistent with the authority information in the management list of TEs 
allowed to access, the MT acquiring identity of the user identity card and returning the 
identity to the TE, the TE accessing the network using this identity, and the procedure is 
over; otherwise, refusing to return the identity of the user identity card to the TE, and 
terminating the procedure. 
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6. (Original) The method according to Claim 5, further comprising the steps of: 
setting current state information of the TE in the management list of TEs allowed to 

access; and 

when the network allows only a limited number of TEs to access the network via an 
MT, after receiving an authentication request identity message containing the TE identity 
from the local TE, the MT first deciding according to the current state information of the TE 
in the management list whether the MT itself is serving the number of TEs as limited by 
the network; 

if the MT is serving the number of TEs as limited by the network, refusing to return 
the identity of the user identity card to the TE, and terminating the procedure; otherwise, 
deciding according to the identity information of the TE whether to accept the request and 
continuing the subsequent steps. 

7. (Original) The method according to Claim 6, wherein the TE accessing the 
network using the identity comprises the steps of: 

after sending the identity to the network side and receiving an authentication 
request from the network side, the TE acquiring an authentication response value via the 
MT, forwarding the response value to the network side, and receiving an authentication 
response message from the network side; 

the TE receiving a message of successful authentication from the network side, 
forwarding the message of successful authentication to the MT; 
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after receiving the message of successful authentication from the network side 
forwarded by the TE, the MT modifying the current state information of the TE in the 
management list of TEs allowed to access, making the information indicate an online 
state, then sending key(s) information to the TE, and the TE accessing the network using 
the received key(s) information; or, 

after sending the identity to the network side and receiving an authentication 
request from the network side, the TE acquiring an authentication response value via the 
MT, sending the authentication response value to the network side, and directly forwarding 
the received authentication response message from the network side to the MT; 

the MT, after deciding that a message of successful authentication is received from 
the network side, modifying the current state information of the TE in the management list 
of TEs allowed to access, making the information indicate an online state, then sending to 
the TE key(s) information, and the TE accessing the network using the received key(s) 
information. 

8. (Original) The method according to Claim 7, further comprising the steps of: 
after the TE terminating the service communication with the network side, the network side 
sending to the TE a logoff notice containing the authority identifier of logoff, the TE 
forwarding the received logoff notice to the MT, and the MT, after receiving the logoff 
notice forwarded by the TE, modifying the current state information of the TE in the 
management list of TEs allowed to access, making the information indicate an unused 
state. 
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9. (Original) The method according. to Claim 8, further comprising the steps of: 
when not having received a logoff notice sent from the TE that has been identified as in 
the online state for a preset period of time, the MT modifying the state information of this 
TE, making the information indicate the unused state. 

10. (Original) The method according to Claim 8, when the MT modifies the state 
information of the TE in the management list of TEs allowed to access to make the 
information indicate the online state, further comprising the steps of: 

stamping the time on the modified state information; wherein 

when the MT receives a new authentication identity request and decides according 

to the current state information of the TE in the management list that the MT itself is 

serving a number of TEs as limited by the network, the method further comprises: 

deciding whether the time difference between the current time and the time 

indicated by the time stamp on the state information of theTE has exceeded a preset time 

threshold; 

if the time difference has exceeded the preset time threshold, modifying the state 
information of the TE, and making the information indicate the unused state; otherwise, 
refusing to return the identity of the user identity card to the TE, and terminating the 
procedure. 

11. (Original) The method according to Claim 1, wherein the process of the TE 
accessing the network using the identity comprises: 
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the TE making an authentication with the network side using the identity, and 
receiving the authentication response message from the network side; 

the TE deciding whether the received authentication response message is a 
message of successful authentication; 

if the received authentication response message is a message of successful 
authentication, the TE sending a notice of successful authentication to the MT, receiving 
key(s) information from the MT, and accessing the network using the received key(s) 
information; otherwise, terminating the procedure; or, 

the TE making authentication with the network side using the identity, and 
forwarding the received authentication response message from the network side to the 
MT; 

the MT deciding whether the received authentication response message is a 
message of successful authentication; 

if the received authentication response message is a message of successful 
authentication, the MT sending key(s) information to the TE, and the TE accessing the 
network using the received key(s) information; otherwise, terminating the procedure. 

1 2. (Original) The method according to Claim 1 , wherein at least one management 
list is set in the MT, and each management list is corresponding to a user identity card. 
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13. (Original) The method according to Claim 12, wherein the user identity card 
comprises a Subscriber Identity Module (SIM) of GSM, a USIM of 3GPP, or an ISIM of IP 
multimedia subsystem. 

14. (Original) A method for managing a local TE accessing a network, with a user 
identity card inserted in a MT, the method comprising the steps of: 

after receiving an authentication request identity message from the TE, the MT 
requiring the identity of the user from the identity card, sending the identity to the TE; 

the TE performing authentication with the network, deciding whether the 
authentication is successful; 

if the authentication is successful, the MT sending key(s) information to the TE, and 
the TE accessing the network using the received key(s) information; otherwise, terminating 
the procedure. 

15. (Original) A method according to Claim 14, wherein the process of deciding 
whether the authentication is successful comprises: 

after receiving the authentication response message from the network, the TE 
deciding whether the authentication is successful; 

if the authentication is successful, confirming that the authentication is successful; 
otherwise, terminating the procedure; wherein 



-9- 



DEQ10337P00090US 
PATENT 

after deciding that the authentication is successful, the method further comprises: 
the TE sending a notice of successful authentication to the MT, and the MT sending the 
key(s) information to the TE. 

16. (Original) The method according to Claim 14, wherein the process of deciding 
whether the authentication is successful comprises the steps of: 

after receiving the authentication response message from the network, the TE 
forwarding the authentication response message to the MT, and the MT deciding whether 
the authentication is successful; 

if the authentication is successful, confirming that the authentication is successful; 
otherwise, terminating the procedure. 

17. (Original) The method according to Claim 14, further comprising the steps of: 
setting in the MT a management list containing the identity of the local TE; 

after the MT receiving an authentication request identity message containing the 
identity of TEs from the local TE, the method further comprising the steps of: 

the MT deciding according to the identity information of TE in the management list 
whether to accept the request; 

if a decision is made to accept the request, continuing the subsequent steps; 
otherwise, refusing to return the identity of the user identity card to the TE and terminating 
the procedure. 
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18. (New) The method according to Claim 4, wherein the authentication request 
identity message comprises information of the authority identifier of the service to be 
requested, the method further comprising the steps of: 

setting in the management list of TEs allowed to access authority information for TE 
to access the network; 

after deciding according to the information of TE identity in the management list to 
accept the authentication identity request, the MT deciding whether the information of 
service authority identifier in the received request message is consistent with the authority 
information of the TE in the management list; 

if the information of service authority identifier in the authentication request identity 
message is consistent with the authority information in the management list of TEs 
allowed to access, the MT acquiring identity of the user identity card and returning the 
identity to the TE, the TE accessing the network using this identity, and the procedure is 
over; otherwise, refusing to return the identity of the user identity card to the TE, and 
terminating the procedure. 

19. (New) The method according to Claim 18, further comprising the steps of: 
setting current state information of the TE in the management list of TEs allowed to 

access; and 

when the network allows only a limited number of TEs to access the network via an 
MT, after receiving an authentication request identity message containing the TE identity 
from the local TE, the MT first deciding according to the current state information of the TE 
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in the management list whether the MT itself is serving the number of TEs as limited by 
the network; 

if the MT is serving the number of TEs as limited by the network, refusing to return 
the identity of the user identity card to the TE, and terminating the procedure; otherwise, 
deciding according to the identity information of the TE whether to accept the request and 
continuing the subsequent steps. 
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